Build daemon drops its privileges
“Does it really need to run as root?” When talking to system
administrators of large supercomputers about installing Guix and having
its build daemon run as root, this question would quickly come up—and
rightfully so. We’re happy to announce that guix-daemon
can now run
without root privileges by taking advantage of Linux’s unprivileged
user namespaces, a feature now available even on some of the most
conservative supercomputers.